安装
# yum -y install salt-api
更改配置
vim /etc/salt/master
把默认的注释掉 我们这边默认配置文件目录是/srv/salt
default_include: master.d/*.conf
创建目录
#cd /etc/salt
# mkdir master.d/
# cd master.d/
创建两个文件和添加配置
# cat api.conf rest_cherrypy: host: 0.0.0.0 port: 8080 debug: true disable_ssl: true # cat eauch.conf external_auth: pam: saltapi: - .* - '@wheel' - '@runner'
创建用户
# useradd saltapi # echo 123123 | passwd --stdin saltapi
重启salt-api
# /etc/init.d/salt-api restart Stopping salt-api daemon: [FAILED] Starting salt-api daemon: [ OK ]
# /etc/init.d/salt-master restart Stopping salt-master daemon: [FAILED] Starting salt-master daemon: [ OK ]
然后进行测试 是否安装成功
# curl -k http://10.20.0.100:8080/login -H "Accept: application/x-yaml" -d username='saltapi' -d password='123123' -d eauth='pam' return: - eauth: pam expire: 1474258659.0838921 perms: - .* - '@wheel' - '@runner' start: 1474215459.0838921 token: 69bb58e4b6bb2026369a40fc40184a88e7472054 user: saltapi
返回了token值 以后需要调用就可以直接用token值
我们试试 cmd.run模块
# curl -k http://10.20.0.100:8080 -H "Accept: application/x-yaml" -H "X-Auth-Token: 69bb58e4b6bb2026369a40fc40184a88e7472054" -d client='local' -d tgt='*' -d fun='cmd.run' -d arg='free -m' return: - salt-minion-01: ' total used free shared buffers cached Mem: 980 913 67 0 55 184 -/+ buffers/cache: 672 307 Swap: 1983 20 1963' salt-minion-02: ' total used free shared buffers cached Mem: 980 914 65 0 48 169 -/+ buffers/cache: 696 284 Swap: 1983 70 1913'
测试成功 可以返回信息
获取所有的minion_key
# curl -k http://10.20.0.100:8080/ -H "Accept: application/x-yaml" -H "X-Auth-Token: 69bb58e4b6bb2026369a40fc40184a88e7472054" -d client='wheel' -d fun='key.list_all' return: - data: _stamp: '2016-09-18T17:14:28.666376' fun: wheel.key.list_all jid: '20160919011427038345' return: local: - master.pem - master.pub minions: - salt-minion-01 - salt-minion-02 minions_denied: [] minions_pre: [] minions_rejected: [] success: true tag: salt/wheel/20160919011427038345 user: saltapi tag: salt/wheel/20160919011427038345
写在第三方调用Salt Api接口 更方便
#!/usr/bin/env python #_*_ coding:utf8 _*_ import urllib,urllib2,json import ssl import json import re class SaltAPI: __token_id = '' def __init__(self,url,username,password): self.__url = url.rstrip('/') # 移除URL末尾的/ self.__username = username self.__password = password # self.__token_id = self.SaltLogin() def token_id(self): #获取tokenid的请求数据 ''' /login ###########获取token链接########### curl -k http://10.20.0.100:8080/login -H "Accept: application/x-yaml" -d username='saltapi' -d password='123123' -d eauth='pam' return: - eauth: pam expire: 1474612524.6610701 perms: - .* - '@wheel' - '@runner' start: 1474569324.6610689 token: a13e4a29020acc47c19f73a7337165280cbdfbd1 user: saltapi 返回的token ''' params = {'eauth': 'pam', 'username': self.__username, 'password': self.__password} #讲请求的类型转成例如: #password=salt&eauth=pam&username=salt encode = urllib.urlencode(params) obj = urllib.unquote(encode) content = self.PostRequest(obj,prefix='/login') try: #获取到返回的token self.__token_id = content['return'][0]['token'] except KeyError: raise KeyError #推送请求 def PostRequest(self, obj, prefix='/'): url = self.__url + prefix headers = {'X-Auth-Token': self.__token_id} req = urllib2.Request(url,obj, headers) # obj为传入data参数字典,data为None 则方法为get,有date为post方法 response = urllib2.urlopen(req) content = json.loads(response.read()) return content #获取所以的key的类型 def list_all_key(self): params = {'client':'wheel','fun':'key.list_all'} obj = urllib.urlencode(params) self.token_id() content = self.PostRequest(obj) minions = content['return'][0]['data']['return']['minions'] minions_pre = content['return'][0]['data']['return']['minions_pre'] return minions,minions_pre #删除KEY 节点 def delete_key(self,node_name): params = {'client': 'wheel', 'fun': 'key.delete', 'match': node_name} obj = urllib.urlencode(params) self.token_id() content = self.PostRequest(obj) ret = content['return'][0]['data']['success'] return ret #同意Key 节点 def accept_key(self,node_name): params = {'client': 'wheel', 'fun': 'key.accept', 'match': node_name} obj = urllib.urlencode(params) self.token_id() content = self.PostRequest(obj) ret = content['return'][0]['data']['success'] return ret def remote_noarg_execution(self,tgt,fun): params = {'client': 'local', 'tgt': tgt, 'fun': fun} obj = urllib.urlencode(params) self.token_id() content = self.PostRequest(obj) ret = content['return'][0][tgt] return ret def remote_exexution(self,tgt,fun,arg): params = {'client': 'local', 'tgt': tgt, 'fun': fun, 'arg': arg} obj = urllib.urlencode(params) self.token_id() content = self.PostRequest(obj) ret = content['return'][0][tgt] return ret def target_remote_execution(self,tgt,fun,arg): params = {'client': 'local', 'tgt': tgt, 'fun': fun, 'arg': arg, 'expr_form': 'nodegroup'} obj = urllib.urlencode(params) self.token_id() content = self.PostRequest(obj) jid = content['return'][0]['jid'] return jid #应用部署 def app_deploy(self,tgt,arg): params = {'client': 'local', 'tgt': tgt, 'fun': 'state.sls', 'arg': arg} obj = urllib.urlencode(params) self.token_id() content = self.PostRequest(obj) return content def async_deploy(self,tgt,arg): params = {'client': 'local_async', 'tgt': tgt, 'fun': 'state.sls', 'arg': arg} obj = urllib.urlencode(params) self.token_id() content = self.PostRequest(obj) jid = content['return'][0]['jid'] return jid def target_deploy(self,tgt,arg): params = {'client': 'local_async', 'tgt': tgt, 'fun': 'state.sls', 'arg': arg, 'expr_form': 'nodegroup'} obj = urllib.urlencode(params) self.token_id() content = self.PostRequest(obj) jid = content['return'][0]['jid'] return jid # # 获取grains # def SaltMinions(self, minion=''): # if minion and minion != '*': # prefix = '/minions/' + minion # else: # prefix = '/minions' # res = self.PostRequest(None, prefix) # return res # # 获取events # # # def SaltEvents(self): # prefix = '/events' # res = self.PostRequest(None, prefix) # return res # def main(): # sapi = SaltAPI(url='http://10.20.0.100:8080',username='saltapi',password='123123') # sapi.token_id() # print sapi.list_all_key() # #sapi.delete_key('test-01') # #sapi.accept_key('test-01') # #sapi.deploy('test-01','nginx') # print sapi.remote_noarg_execution('salt-minion-01','grains.items') # # if __name__ == '__main__': # main()